<?php
/**
 * 系统设置
 * 州弟医院信息系统 - 州弟学安全
 */

// 包含函数文件
require_once '../includes/functions.php';

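// Access control: only a logged-in user holding the 'admin' role may use this page.
if (!isLoggedIn() || !hasRole('admin')) {
    $_SESSION['error_msg'] = '您无权访问该页面';
    redirect('../login.php');
    // redirect() is defined in includes/functions.php and is not visible here.
    // Terminate explicitly so that, if it only sends a Location header, the
    // admin POST handlers and the page body below never run for this request.
    exit;
}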

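// Handle form submissions. Every form on this page posts back here; the
// name of the submit button decides which branch runs.
// NOTE(review): none of the POST actions visible here checks an anti-CSRF
// token — confirm whether includes/functions.php provides one and wire it in.
$success = '';
$error = '';
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // "Send test e-mail" button.
    if (isset($_POST['test_email'])) {
        // Stub: nothing is sent, only the success message is shown.
        $success = '测试邮件已发送！';
    }
    // "Back up now" button.
    elseif (isset($_POST['backup_db'])) {
        // Stub: no backup is started, only the success message is shown.
        $success = '数据库备份操作已启动，请稍后查看备份列表！';
    }
    // "Save settings" button of the general settings form.
    elseif (isset($_POST['update_settings'])) {
        $site_name = $_POST['site_name'] ?? '';
        $admin_email = $_POST['admin_email'] ?? '';
        $version = $_POST['version'] ?? '';
        $copyright = $_POST['copyright'] ?? '';

        if (empty($site_name) || empty($admin_email)) {
            $error = '站点名称和管理员邮箱不能为空';
        } else {
            // The values are escaped but not written anywhere yet. When this
            // stub is replaced by a real UPDATE, bind the values in a prepared
            // statement instead of relying on real_escape_string().
            $site_name = $conn->real_escape_string($site_name);
            $admin_email = $conn->real_escape_string($admin_email);
            $version = $conn->real_escape_string($version);
            $copyright = $conn->real_escape_string($copyright);

            // Stub: only the success message is shown.
            $success = '系统设置已更新！';

            // Audit trail entry for the settings change.
            logAction($_SESSION['user_id'], '更新系统设置');
        }
    }
    // "Search" button of the user lookup form.
    elseif (isset($_POST['search'])) {
        $username = $_POST['username'] ?? '';

        // Accept only a non-empty string: an array-valued parameter
        // (username[]=...) must not reach the query.
        if (is_string($username) && $username !== '') {
            // The search term is bound as a parameter, never concatenated into
            // the SQL text, so quotes in the input cannot change the statement.
            // '%' and '_' typed by the user still act as LIKE wildcards.
            $pattern = '%' . $username . '%';

            try {
                $stmt = $conn->prepare(
                    'SELECT id, username, email, role, created_at FROM users WHERE username LIKE ?'
                );

                if ($stmt !== false && $stmt->bind_param('s', $pattern) && $stmt->execute()) {
                    $stmt->bind_result($rowId, $rowName, $rowEmail, $rowRole, $rowCreatedAt);

                    $matches = [];
                    while ($stmt->fetch()) {
                        $matches[] = [
                            'id' => $rowId,
                            'username' => $rowName,
                            'email' => $rowEmail,
                            'role' => $rowRole,
                            'created_at' => $rowCreatedAt,
                        ];
                    }
                    $stmt->close();

                    // $users is only defined after a successful search; the
                    // template uses isset($users) to decide what to render.
                    $users = $matches;
                } else {
                    // Keep the database error out of the page: it goes to the
                    // server log, the user sees a generic message.
                    error_log('User search failed: ' . $conn->error);
                    $error = '搜索失败';
                }
            } catch (mysqli_sql_exception $e) {
                // mysqli may be configured to throw instead of returning false.
                error_log('User search failed: ' . $e->getMessage());
                $error = '搜索失败';
            }
        }
    }
}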

// Current settings shown in the general settings form, read from the
// constants SITE_NAME, ADMIN_EMAIL, VERSION and COPYRIGHT.
$settings = [];
$settings['site_name'] = SITE_NAME;
$settings['admin_email'] = ADMIN_EMAIL;
$settings['version'] = VERSION;
$settings['copyright'] = COPYRIGHT;

// Sample backup records: hard-coded rows rendered in the backup table below.
$backups = [
    [
        'id' => 1,
        'filename' => 'backup_20230510_120000.sql',
        'size' => '1.2MB',
        'created_at' => '2023-05-10 12:00:00',
    ],
    [
        'id' => 2,
        'filename' => 'backup_20230501_120000.sql',
        'size' => '1.1MB',
        'created_at' => '2023-05-01 12:00:00',
    ],
    [
        'id' => 3,
        'filename' => 'backup_20230420_120000.sql',
        'size' => '1.0MB',
        'created_at' => '2023-04-20 12:00:00',
    ],
];

?>

<!DOCTYPE html>
<html lang="zh-CN">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>系统设置 - <?php echo SITE_NAME; ?></title>
    <link rel="stylesheet" href="/assets\css/bootstrap_69c9e605.min.css">
    <link rel="stylesheet" href="/assets\css/all_3b858821.min.css">
    <link rel="stylesheet" href="/assets\css/style.css">
</head>
<body>
    <div class="container-fluid">
        <div class="row">
            <!-- 侧边栏 -->
            <div class="col-md-2 px-0 admin-sidebar">
                <div class="py-3 px-3 bg-dark">
                    <a href="<?php echo SITE_URL; ?>admin/" class="text-white text-decoration-none">
                        <i class="fas fa-hospital-alt mr-2"></i>管理后台
                    </a>
                </div>
                <div class="p-3">
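                    <div class="text-white mb-3">
                        <?php // The session username is account data: HTML-escape it before output. ?>
                        <i class="fas fa-user-circle mr-1"></i> <?php echo htmlspecialchars((string) ($_SESSION['username'] ?? ''), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>
                    </div>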
                    <ul class="nav flex-column">
                        <li class="nav-item">
                            <a class="nav-link" href="<?php echo SITE_URL; ?>admin/">
                                <i class="fas fa-tachometer-alt mr-2"></i>仪表盘
                            </a>
                        </li>
                        <li class="nav-item">
                            <a class="nav-link" href="<?php echo SITE_URL; ?>admin/users.php">
                                <i class="fas fa-users mr-2"></i>用户管理
                            </a>
                        </li>
                        <li class="nav-item">
                            <a class="nav-link" href="<?php echo SITE_URL; ?>admin/patients.php">
                                <i class="fas fa-user-injured mr-2"></i>患者管理
                            </a>
                        </li>
                        <li class="nav-item">
                            <a class="nav-link" href="<?php echo SITE_URL; ?>admin/doctors.php">
                                <i class="fas fa-user-md mr-2"></i>医生管理
                            </a>
                        </li>
                        <li class="nav-item">
                            <a class="nav-link" href="<?php echo SITE_URL; ?>admin/departments.php">
                                <i class="fas fa-hospital mr-2"></i>科室管理
                            </a>
                        </li>
                        <li class="nav-item">
                            <a class="nav-link" href="<?php echo SITE_URL; ?>admin/appointments.php">
                                <i class="fas fa-calendar-check mr-2"></i>预约管理
                            </a>
                        </li>
                        <li class="nav-item">
                            <a class="nav-link" href="<?php echo SITE_URL; ?>admin/medicines.php">
                                <i class="fas fa-pills mr-2"></i>药品管理
                            </a>
                        </li>
                        <li class="nav-item">
                            <a class="nav-link" href="<?php echo SITE_URL; ?>admin/records.php">
                                <i class="fas fa-notes-medical mr-2"></i>病历管理
                            </a>
                        </li>
                        <li class="nav-item">
                            <a class="nav-link" href="<?php echo SITE_URL; ?>admin/logs.php">
                                <i class="fas fa-history mr-2"></i>系统日志
                            </a>
                        </li>
                        <li class="nav-item">
                            <a class="nav-link active" href="<?php echo SITE_URL; ?>admin/settings.php">
                                <i class="fas fa-cog mr-2"></i>系统设置
                            </a>
                        </li>
                        <li class="nav-item mt-3">
                            <a class="nav-link" href="<?php echo SITE_URL; ?>">
                                <i class="fas fa-home mr-2"></i>返回前台
                            </a>
                        </li>
                        <li class="nav-item">
                            <a class="nav-link" href="<?php echo SITE_URL; ?>logout.php">
                                <i class="fas fa-sign-out-alt mr-2"></i>退出登录
                            </a>
                        </li>
                    </ul>
                </div>
            </div>
            
            <!-- 主内容区 -->
            <div class="col-md-10 ml-sm-auto px-4 py-3">
                <div class="d-flex justify-content-between flex-wrap flex-md-nowrap align-items-center pt-3 pb-2 mb-3 border-bottom">
                    <h1 class="h2">系统设置</h1>
                    <div class="btn-toolbar mb-2 mb-md-0">
                        <div class="dropdown">
                            <button class="btn btn-sm btn-outline-secondary dropdown-toggle" type="button" id="dropdownMenuButton" data-toggle="dropdown" aria-haspopup="true" aria-expanded="false">
                                <i class="fas fa-cog"></i> 操作
                            </button>
                            <div class="dropdown-menu" aria-labelledby="dropdownMenuButton">
                                <a class="dropdown-item" href="<?php echo SITE_URL; ?>admin/profile.php">个人设置</a>
                                <div class="dropdown-divider"></div>
                                <a class="dropdown-item" href="<?php echo SITE_URL; ?>logout.php">退出登录</a>
                            </div>
                        </div>
                    </div>
                </div>
                
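                <?php // Status banners. Both messages are HTML-escaped on output so that no message text, whatever it was built from, is rendered as markup. ?>
                <?php if ($success): ?>
                    <div class="alert alert-success">
                        <?php echo htmlspecialchars((string) $success, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>
                    </div>
                <?php endif; ?>
                
                <?php if ($error): ?>
                    <div class="alert alert-danger">
                        <?php echo htmlspecialchars((string) $error, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>
                    </div>
                <?php endif; ?>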
                
                <!-- 设置选项卡 -->
                <ul class="nav nav-tabs" id="settingsTabs" role="tablist">
                    <li class="nav-item">
                        <a class="nav-link active" id="general-tab" data-toggle="tab" href="#general" role="tab" aria-controls="general" aria-selected="true">
                            <i class="fas fa-cog mr-1"></i> 常规设置
                        </a>
                    </li>
                    <li class="nav-item">
                        <a class="nav-link" id="email-tab" data-toggle="tab" href="#email" role="tab" aria-controls="email" aria-selected="false">
                            <i class="fas fa-envelope mr-1"></i> 邮件设置
                        </a>
                    </li>
                    <li class="nav-item">
                        <a class="nav-link" id="backup-tab" data-toggle="tab" href="#backup" role="tab" aria-controls="backup" aria-selected="false">
                            <i class="fas fa-database mr-1"></i> 备份设置
                        </a>
                    </li>
                    <li class="nav-item">
                        <a class="nav-link" id="security-tab" data-toggle="tab" href="#security" role="tab" aria-controls="security" aria-selected="false">
                            <i class="fas fa-shield-alt mr-1"></i> 安全设置
                        </a>
                    </li>
                    <li class="nav-item">
                        <a class="nav-link" id="user-tab" data-toggle="tab" href="#user" role="tab" aria-controls="user" aria-selected="false">
                            <i class="fas fa-user-cog mr-1"></i> 用户查询
                        </a>
                    </li>
                </ul>
                
                <div class="tab-content p-4 bg-white border border-top-0 rounded-bottom" id="settingsTabsContent">
                    <!-- 常规设置 -->
                    <div class="tab-pane fade show active" id="general" role="tabpanel" aria-labelledby="general-tab">
                        <h4 class="mb-4">常规设置</h4>
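                        <?php // General settings form. Each current value is escaped for the HTML attribute context so a quote or angle bracket in a configured value cannot break out of value="...". ?>
                        <form method="post">
                            <div class="form-group row">
                                <label for="site_name" class="col-sm-2 col-form-label">站点名称</label>
                                <div class="col-sm-10">
                                    <input type="text" class="form-control" id="site_name" name="site_name" value="<?php echo htmlspecialchars((string) $settings['site_name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" required>
                                </div>
                            </div>
                            <div class="form-group row">
                                <label for="admin_email" class="col-sm-2 col-form-label">管理员邮箱</label>
                                <div class="col-sm-10">
                                    <input type="email" class="form-control" id="admin_email" name="admin_email" value="<?php echo htmlspecialchars((string) $settings['admin_email'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" required>
                                </div>
                            </div>
                            <div class="form-group row">
                                <label for="version" class="col-sm-2 col-form-label">系统版本</label>
                                <div class="col-sm-10">
                                    <input type="text" class="form-control" id="version" name="version" value="<?php echo htmlspecialchars((string) $settings['version'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" required>
                                </div>
                            </div>
                            <div class="form-group row">
                                <label for="copyright" class="col-sm-2 col-form-label">版权信息</label>
                                <div class="col-sm-10">
                                    <input type="text" class="form-control" id="copyright" name="copyright" value="<?php echo htmlspecialchars((string) $settings['copyright'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" required>
                                </div>
                            </div>
                            <div class="form-group row">
                                <div class="col-sm-10 offset-sm-2">
                                    <button type="submit" name="update_settings" class="btn btn-primary">保存设置</button>
                                </div>
                            </div>
                        </form>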
                    </div>
                    
                    <!-- 邮件设置 -->
                    <div class="tab-pane fade" id="email" role="tabpanel" aria-labelledby="email-tab">
                        <h4 class="mb-4">邮件设置</h4>
                        <form method="post">
                            <div class="form-group row">
                                <label for="smtp_host" class="col-sm-2 col-form-label">SMTP服务器</label>
                                <div class="col-sm-10">
                                    <input type="text" class="form-control" id="smtp_host" name="smtp_host" value="smtp.example.com">
                                </div>
                            </div>
                            <div class="form-group row">
                                <label for="smtp_port" class="col-sm-2 col-form-label">SMTP端口</label>
                                <div class="col-sm-10">
                                    <input type="number" class="form-control" id="smtp_port" name="smtp_port" value="587">
                                </div>
                            </div>
                            <div class="form-group row">
                                <label for="smtp_username" class="col-sm-2 col-form-label">SMTP用户名</label>
                                <div class="col-sm-10">
                                    <input type="text" class="form-control" id="smtp_username" name="smtp_username" value="user@example.com">
                                </div>
                            </div>
                            <div class="form-group row">
                                <label for="smtp_password" class="col-sm-2 col-form-label">SMTP密码</label>
                                <div class="col-sm-10">
                                    <input type="password" class="form-control" id="smtp_password" name="smtp_password" value="password">
                                </div>
                            </div>
                            <div class="form-group row">
                                <label for="mail_from" class="col-sm-2 col-form-label">发件人</label>
                                <div class="col-sm-10">
                                    <input type="email" class="form-control" id="mail_from" name="mail_from" value="noreply@zhoudihealth.com">
                                </div>
                            </div>
                            <div class="form-group row">
                                <div class="col-sm-10 offset-sm-2">
                                    <button type="submit" name="test_email" class="btn btn-info mr-2">发送测试邮件</button>
                                    <button type="submit" name="update_email" class="btn btn-primary">保存设置</button>
                                </div>
                            </div>
                        </form>
                    </div>
                    
                    <!-- 备份设置 -->
                    <div class="tab-pane fade" id="backup" role="tabpanel" aria-labelledby="backup-tab">
                        <h4 class="mb-4">备份设置</h4>
                        <form method="post" class="mb-4">
                            <div class="form-group row">
                                <label for="backup_schedule" class="col-sm-2 col-form-label">备份计划</label>
                                <div class="col-sm-10">
                                    <select class="form-control" id="backup_schedule" name="backup_schedule">
                                        <option value="daily">每天</option>
                                        <option value="weekly" selected>每周</option>
                                        <option value="monthly">每月</option>
                                    </select>
                                </div>
                            </div>
                            <div class="form-group row">
                                <label for="backup_time" class="col-sm-2 col-form-label">备份时间</label>
                                <div class="col-sm-10">
                                    <input type="time" class="form-control" id="backup_time" name="backup_time" value="00:00">
                                </div>
                            </div>
                            <div class="form-group row">
                                <label for="backup_keep" class="col-sm-2 col-form-label">保留备份数</label>
                                <div class="col-sm-10">
                                    <input type="number" class="form-control" id="backup_keep" name="backup_keep" value="10" min="1">
                                </div>
                            </div>
                            <div class="form-group row">
                                <div class="col-sm-10 offset-sm-2">
                                    <button type="submit" name="backup_db" class="btn btn-info mr-2">立即备份</button>
                                    <button type="submit" name="update_backup" class="btn btn-primary">保存设置</button>
                                </div>
                            </div>
                        </form>
                        
                        <h5 class="mt-4 mb-3">备份记录</h5>
                        <div class="table-responsive">
                            <table class="table table-striped table-hover">
                                <thead>
                                    <tr>
                                        <th>ID</th>
                                        <th>文件名</th>
                                        <th>大小</th>
                                        <th>创建时间</th>
                                        <th>操作</th>
                                    </tr>
                                </thead>
                                <tbody>
                                    <?php foreach ($backups as $backup): ?>
                                        <tr>
                                            <td><?php echo $backup['id']; ?></td>
                                            <td><?php echo $backup['filename']; ?></td>
                                            <td><?php echo $backup['size']; ?></td>
                                            <td><?php echo $backup['created_at']; ?></td>
                                            <td>
                                                <a href="#" class="btn btn-sm btn-outline-primary">下载</a>
                                                <a href="#" class="btn btn-sm btn-outline-danger ml-1">删除</a>
                                            </td>
                                        </tr>
                                    <?php endforeach; ?>
                                </tbody>
                            </table>
                        </div>
                    </div>
                    
                    <!-- 安全设置 -->
                    <div class="tab-pane fade" id="security" role="tabpanel" aria-labelledby="security-tab">
                        <h4 class="mb-4">安全设置</h4>
                        <form method="post">
                            <div class="form-group row">
                                <label for="password_min_length" class="col-sm-3 col-form-label">密码最小长度</label>
                                <div class="col-sm-9">
                                    <input type="number" class="form-control" id="password_min_length" name="password_min_length" value="8" min="6">
                                </div>
                            </div>
                            <div class="form-group row">
                                <label for="password_require_uppercase" class="col-sm-3 col-form-label">要求包含大写字母</label>
                                <div class="col-sm-9">
                                    <div class="custom-control custom-switch mt-2">
                                        <input type="checkbox" class="custom-control-input" id="password_require_uppercase" name="password_require_uppercase" checked>
                                        <label class="custom-control-label" for="password_require_uppercase"></label>
                                    </div>
                                </div>
                            </div>
                            <div class="form-group row">
                                <label for="password_require_number" class="col-sm-3 col-form-label">要求包含数字</label>
                                <div class="col-sm-9">
                                    <div class="custom-control custom-switch mt-2">
                                        <input type="checkbox" class="custom-control-input" id="password_require_number" name="password_require_number" checked>
                                        <label class="custom-control-label" for="password_require_number"></label>
                                    </div>
                                </div>
                            </div>
                            <div class="form-group row">
                                <label for="password_require_special" class="col-sm-3 col-form-label">要求包含特殊字符</label>
                                <div class="col-sm-9">
                                    <div class="custom-control custom-switch mt-2">
                                        <input type="checkbox" class="custom-control-input" id="password_require_special" name="password_require_special">
                                        <label class="custom-control-label" for="password_require_special"></label>
                                    </div>
                                </div>
                            </div>
                            <div class="form-group row">
                                <label for="session_timeout" class="col-sm-3 col-form-label">会话超时时间(分钟)</label>
                                <div class="col-sm-9">
                                    <input type="number" class="form-control" id="session_timeout" name="session_timeout" value="30" min="5">
                                </div>
                            </div>
                            <div class="form-group row">
                                <label for="login_attempts" class="col-sm-3 col-form-label">最大登录尝试次数</label>
                                <div class="col-sm-9">
                                    <input type="number" class="form-control" id="login_attempts" name="login_attempts" value="5" min="3">
                                </div>
                            </div>
                            <div class="form-group row">
                                <div class="col-sm-9 offset-sm-3">
                                    <button type="submit" name="update_security" class="btn btn-primary">保存设置</button>
                                </div>
                            </div>
                        </form>
                    </div>
                    
                    <div class="tab-pane fade" id="user" role="tabpanel" aria-labelledby="user-tab">
                        <h4 class="mb-4">用户查询</h4>
                        <form method="post" class="mb-4">
                            <div class="form-group row">
                                <label for="username" class="col-sm-2 col-form-label">用户名</label>
                                <div class="col-sm-8">
                                    <input type="text" class="form-control" id="username" name="username" placeholder="输入用户名进行查询">
                                </div>
                                <div class="col-sm-2">
                                    <button type="submit" name="search" class="btn btn-primary btn-block">搜索</button>
                                </div>
                            </div>
                        </form>
                        
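                        <?php // Search results. $users exists only after a successful search. Every column comes from the users table and is HTML-escaped on output, so stored values are shown as text and never interpreted as markup. ?>
                        <?php if (!empty($users)): ?>
                            <h5 class="mt-4 mb-3">查询结果</h5>
                            <div class="table-responsive">
                                <table class="table table-striped table-hover">
                                    <thead>
                                        <tr>
                                            <th>ID</th>
                                            <th>用户名</th>
                                            <th>邮箱</th>
                                            <th>角色</th>
                                            <th>注册时间</th>
                                        </tr>
                                    </thead>
                                    <tbody>
                                        <?php foreach ($users as $user): ?>
                                            <tr>
                                                <td><?php echo htmlspecialchars((string) $user['id'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></td>
                                                <td><?php echo htmlspecialchars((string) $user['username'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></td>
                                                <td><?php echo htmlspecialchars((string) $user['email'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></td>
                                                <td><?php echo htmlspecialchars((string) $user['role'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></td>
                                                <td><?php echo htmlspecialchars((string) $user['created_at'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></td>
                                            </tr>
                                        <?php endforeach; ?>
                                    </tbody>
                                </table>
                            </div>
                        <?php elseif (isset($users)): ?>
                            <div class="alert alert-info">未找到匹配的用户</div>
                        <?php endif; ?>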
                    </div>
                </div>
                
                <!-- 版权信息 -->
                <footer class="mt-5 text-center text-muted">
                    <p>
                        &copy; <?php echo date('Y'); ?> <?php echo SITE_NAME; ?>. 版权所有
                        <br>
                        <small>Powered by <a href="#" class="text-muted">州弟学安全</a> | 版本 <?php echo VERSION; ?></small>
                    </p>
                </footer>
            </div>
        </div>
    </div>

    <script src="/assets\js/jquery-3_7b53a2dc.5.1.min.js"></script>
    <script src="/assets\js/popper_9c21e708.min.js"></script>
    <script src="/assets\js/bootstrap_a618e9ff.min.js"></script>
    <script src="/assets\js/main.js"></script>
</body>
</html> 